Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)
v2.2.2
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
v2.2.1
Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
v2.2.0
New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
Bumps the npm_and_yarn group with 6 updates in the /app/ui directory:
0.5.34
0.5.35
6.0.1
9.0.0
0.2.0
0.2.2
1.2.6
1.2.8
2.6.7
2.7.0
1.2.3
1.2.5
Bumps the npm_and_yarn group with 9 updates in the /app/ui/mock-server directory:
0.2.0
0.2.2
2.1.3
2.2.3
3.0.4
3.1.2
1.2.5
1.2.8
2.29.1
2.30.1
2.6.1
2.7.0
1.2.3
1.2.5
2.24.0
3.13.0
4.1.0
4.1.1
Updates
moment-timezone
from 0.5.34 to 0.5.35Release notes
Sourced from moment-timezone's releases.
Changelog
Sourced from moment-timezone's changelog.
Commits
b8fb1ba
Build moment-timezone 0.5.35f1b5e5a
Add changelog for 0.5.358b0eb0c
Bump version to 0.5.357915ac5
Bugfix: Prevent cleartext transmission of tz data during buildce955a3
Bugfix: Fix command injection vulnerability in grunt tzdata pipeline9430b4c
Merge remote-tracking branch 'origin/master' into developfeaf900
Updated contributing.md + added 2021e files704cfac
updated contributing.md877c863
Updated contributing.md + added 2021e files5a3015c
updated contributing.mdUpdates
node-sass
from 6.0.1 to 9.0.0Release notes
Sourced from node-sass's releases.
... (truncated)
Commits
87f3899
feat: Node 20 support (#3355)06ae4c7
build(deps): bump coverallsapp/github-action from 2.0.0 to 2.1.0 (#3350)e069f73
build(deps): bump coverallsapp/github-action from 1.2.0 to 2.0.0c34837d
build(deps): bump coverallsapp/github-action from 1.1.3 to 1.2.0ee13eb9
8.0.098e75b3
feat: Node 18 and 19 support and drop Node 17 (#3257)e9bb866
Bump node-gyp and nan for node 19 support (#3314)ab7840b
Fix binaries being partially downloaded (#3313)d595abf
7.0.33b556c1
7.0.2Updates
decode-uri-component
from 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea46
0.2.2980e0bf
Prevent overwriting previously decoded tokens3c8a373
0.2.176abc93
Switch to GitHub workflows746ca5d
Fix issue where decode throws - fixes #6486d7e2
Update license (#1)a650457
Tidelift tasks66e1c28
Meta tweaksUpdates
json-schema
from 0.2.3 to 0.4.0Commits
f6f6a3b
Use a little more robust method of checking instancesef60987
Update versionb62f1da
Protect against constructor modification, #84fb427cd
Link to json-schema-org repository in addition to site, fixes #5422f1461
Don't allow proto property to be used for schema default/coerce, fixes #84c52a27c
Get basic test to passb3f42b3
Add security policy3b0cec3
Update versionc28470f
Update readme to acknowledge the state of the package7dff9cd
Merge pull request #81 from hodovani/patch-1Updates
minimist
from 1.2.6 to 1.2.8Changelog
Sourced from minimist's changelog.
... (truncated)
Commits
6901ee2
v1.2.8a026794
Merge tag 'v0.2.3'c0b2661
v0.2.363b8fee
[Fix] Fix long option followed by single dash (#17)72239e6
[Tests] Remove duplicate test (#12)34b0f1c
[eslint] fix indentation3226afa
[Dev Deps] add missingnpmignore
dev dep098873c
[Dev Deps] update@ljharb/eslint-config
,aud
9ec4d27
[Fix] Fix long option followed by single dashba92fe6
[actions] Avoid 0.6 tests due to build failuresMaintainer changes
This version was pushed to npm by ljharb, a new releaser for minimist since your current version.
Updates
node-fetch
from 2.6.7 to 2.7.0Release notes
Sourced from node-fetch's releases.
... (truncated)
Commits
9b9d458
feat:AbortError
(#1744)65ae25a
fix: Remove the default connection close header (#1765)8bc3a7c
fix: socket variable testing for undefined (#1726)afb36f6
Revert "fix: handle bom in text and json (#1739)" (#1741)29909d7
fix: handle bom in text and json (#1739)70f592d
fix: "global is not defined" (#1704)0f1ebb0
Prevent error when response is null (#1699)6e9464d
ci(release): install dependenciesdd2a0ba
ci(release): install dependencies49bef02
ci(release): use latest Node LTSMaintainer changes
This version was pushed to npm by node-fetch-bot, a new releaser for node-fetch since your current version.
Updates
scss-tokenizer
from 0.2.3 to 0.4.3Release notes
Sourced from scss-tokenizer's releases.
... (truncated)
Commits
3e518d9
0.4.3ff8e994
Update changeloga53b6f2
Fixed ReDoS in 'loadAnnotation' function of previous-map.js.b55257b
Bump acorn from 5.7.3 to 5.7.4db9b196
0.4.2ae79d74
Restore prepublishOnly npm script32a65d8
0.4.1cef5140
Add support for utf8 name in input source map encoding07c1917
0.4.0d74f803
Commit package-lock.jsonUpdates
word-wrap
from 1.2.3 to 1.2.5Release notes
Sourced from word-wrap's releases.
Commits
207044e
1.2.59894315
revert default indentf64b188
run verb to generate README03ea082
Merge pull request #42 from jonschlinkert/chore/publish-workflow420dce9
Merge pull request #41 from jonschlinkert/fix/CVE-2023-26115-2bfa694e
Update .github/workflows/publish.ymlace0b3c
chore: bump version to 1.2.46fd7275
chore: add publish workflow30d6daf
chore: fix test655929c
chore: remove package-lockUpdates
decode-uri-component
from 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea46
0.2.2980e0bf
Prevent overwriting previously decoded tokens3c8a373
0.2.176abc93
Switch to GitHub workflows746ca5d
Fix issue where decode throws - fixes #6486d7e2
Update license (#1)a650457
Tidelift tasks66e1c28
Meta tweaksUpdates
json5
from 2.1.3 to 2.2.3Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
Commits
c3a7524
2.2.394fd06d
docs: update CHANGELOG for v2.2.33b8cebf
docs(security): use GitHub security advisoriesf0fd9e1
docs: publish a security policy6a91a05
docs(template): bug -> bug report14f8cb1
2.2.210cc7ca
docs: update CHANGELOG for v2.2.27774c10
fix: add proto to objects and arraysedde30a
Readme: slight tweak to intro97286f8
Improve example in readmeUpdates
minimatch
from 3.0.4 to 3.1.2Commits
699c459
3.1.22f2b5ff
fix: trim pattern25d7c0d
3.1.155dda29
fix: treat nocase:true as always having magic5e1fb8d
3.1.0f8145c5
Add 'allowWindowsEscape' option570e8b1
add publishConfig for v3 publishes5b7cd33
3.0.620b4b56
[fix] revert all breaking syntax changes2ff0388
document, expose, and test 'partial:true' optionUpdates
minimist
from 1.2.5 to 1.2.8Changelog
Sourced from minimist's changelog.
... (truncated)
Commits
6901ee2
v1.2.8a026794
Merge tag 'v0.2.3'c0b2661
v0.2.363b8fee
[Fix] Fix long option followed by single dash (#17)72239e6
[Tests] Remove duplicate test (#12)34b0f1c
[eslint] fix indentation3226afa
[Dev Deps] add missingnpmignore
dev dep098873c
[Dev Deps] update@ljharb/eslint-config
,aud
9ec4d27
[Fix] Fix long option followed by single dashba92fe6
[actions] Avoid 0.6 tests due to build failuresMaintainer changes
This version was pushed to npm by ljharb, a new releaser for minimist since your current version.
Updates
moment
from 2.29.1 to 2.30.1Changelog
Sourced from moment's changelog.
Commits
485d9a7
Build 2.30.1e048b09
Bump version to 2.30.1f9f2d58
Update changelog for 2.30.1a52ffb2
Revert "Merge pull request #5827 from BobZombie:feature/fix_d.ts"ddd6809
Build 2.30.0be64d00
Bump version to 2.30.0ad41179
Update changelog for 2.30.063fe479
[misc] Make code ES6 compatible0f0195f
Revert "Merge pull request #5599 from Alanscut:issue_4985"15b82f5
Revert "Merge pull request #5597 from Alanscut:issue-5596"Updates
node-fetch
from 2.6.1 to 2.7.0Release notes
Sourced from node-fetch's releases.